Format: 1.8
Date: Thu, 01 Sep 2016 00:29:09 -0700
Source: imlib2
Binary: libimlib2 libimlib2-dev
Architecture: arm64
Version: 1.4.6-2ubuntu0.1
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos01-arm64-033.buildd>
Changed-By: Steve Beattie <sbeattie@ubuntu.com>
Description: 
 libimlib2  - image loading, rendering, saving library
 libimlib2-dev - image loading, rendering, saving library (development files)
Changes: 
 imlib2 (1.4.6-2ubuntu0.1) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service (divide-by-zero) via drawing
     a 2x1 ellipse.
     - debian/patches/debian/patches/04_CVE-2011-5326.patch: ensure
       denominators are not zero.
     - CVE-2011-5326
   * SECURITY UPDATE: denial of service (segmentation fault) via a
     GIF image without a colormap.
     - debian/patches/debian/patches/CVE-2014-9762.patch: return error if
       no colormap.
     - CVE-2014-9762
   * SECURITY UPDATE: denial of service (divide-by-zero) handling
     PNM files.
     - debian/patches/debian/patches/CVE-2014-9763.patch: ensure
       denominators are not zero.
     - CVE-2014-9763
   * SECURITY UPDATE: denial of service (segmentation fault) handling
     certain GIF images
     - debian/patches/debian/patches/CVE-2014-9764.patch: check for NULL.
     - CVE-2014-9764
   * SECURITY UPDATE: integer overflow leading to denial of service
     - debian/patches/debian/patches/05_CVE-2014-9771.patch: reduce
       maximum allowed image dimensions.
     - CVE-2014-9771
   * SECURITY UPDATE: denial of service due to out-of-bounds read.
     - debian/patches/debian/patches/06_CVE-2016-3993.patch: check
       boundary condition before reading array element.
     - CVE-2016-3993
   * SECURITY UPDATE: out-of-bounds read handling GIFs leading to denial
     of service or information disclosure.
     - debian/patches/debian/patches/07_CVE-2016-3994.patch: ensure
       colormap limits are honored.
     - CVE-2016-3994
   * SECURITY UPDATE: different integer overflow on 32 bit arches
     leading to a denial of service
     - debian/patches/debian/patches/08_CVE-2016-4024.patch: reduce
       allowed dimensions even further.
     - CVE-2016-4024
Checksums-Sha1: 
 7e0228ab8cf4f3905682835028c58448fd8bb4ee 142470 libimlib2_1.4.6-2ubuntu0.1_arm64.deb
 87bdbb3c0ba3d818e7098668eed0510c53d7df80 146060 libimlib2-dev_1.4.6-2ubuntu0.1_arm64.deb
 aaa89ef6fe99585063a9d475c49c7614ee083035 311820 libimlib2-dbgsym_1.4.6-2ubuntu0.1_arm64.ddeb
Checksums-Sha256: 
 b17fa44a363caa82610b07ca999255c4421ee623b1dc2dfe33a9ea8cb679727a 142470 libimlib2_1.4.6-2ubuntu0.1_arm64.deb
 a2565bae2ccd5c3f449d122f379c70dcfdbab3587d390672311d85bf0612d03b 146060 libimlib2-dev_1.4.6-2ubuntu0.1_arm64.deb
 07ff2149c2d5e93ab0a96ea563b1915054fdb540f4ed538d3103bfb7fa562d34 311820 libimlib2-dbgsym_1.4.6-2ubuntu0.1_arm64.ddeb
Files: 
 e2870a7485eea07a44b2ea300247fb96 142470 libs optional libimlib2_1.4.6-2ubuntu0.1_arm64.deb
 5ed513988478749c938e2964f68ff2b5 146060 libdevel optional libimlib2-dev_1.4.6-2ubuntu0.1_arm64.deb
 9fcc512492bacc8dedaf3ab8645f6935 311820 libs extra libimlib2-dbgsym_1.4.6-2ubuntu0.1_arm64.ddeb
Original-Maintainer: Alessandro Ghedini <ghedo@debian.org>